Use Ubuntu as a router with NAT

Set up two interfaces – one on each network
ETH0 is the outside / internet side
ETH1 is the inside / private network side (which needs internet access)

Static rule example:
root@ubuntu01:~# cat /etc/network/interfaces
# The loopback network interface
auto lo
iface lo inet loopback

# The External network interface
auto eth0
#iface eth0 inet dhcp
iface eth0 inet static

# The Internal network interface
auto eth1
#iface eth1 inet dhcp
iface eth1 inet static

Bring up the inside interface:
ifup eth1

Enable forwarding in current session:
echo 1 > /proc/sys/net/ipv4/ip_forward

Uncomment the section on forwarding to get permanent use of the NAT (even after rebooting):
vi /etc/sysctl.conf

Uncomment and save:

Restart networking (don’t do this over SSH – the connection will be cut):
/etc/init.d/procps restart
/etc/init.d/networking restart

Set up the actual forwarding rules in iptables:
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT

Save the rules so they’re not lost at reboot:
iptables-save > /etc/iptables.rules
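
The two FORWARD rules above only restrict traffic when the FORWARD chain's policy is DROP; the built-in chains default to ACCEPT, in which case the rules change nothing. The script below is an added example, not part of the original post: it audits iptables-save output for that condition. The function name, the finding labels and the sample dump are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post.
# SAMPLE_RULES is constructed: roughly what iptables-save holds after the three
# commands above on a host whose chains still have the default ACCEPT policy.
SAMPLE_RULES='*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth1 -o eth0 -j ACCEPT
COMMIT'

# audit_nat_rules OUTSIDE_IF INSIDE_IF   (iptables-save text on stdin)
# Prints one finding per line; exit status 0 = clean, 1 = findings.
audit_nat_rules() {
    awk -v outside="$1" -v inside="$2" '
        function finding(msg) { print msg; bad = 1 }
        /^\*/ { table = substr($0, 2); next }   # table header: *nat, *filter
        table == "filter" && $1 == ":FORWARD" { policy = $2 }
        table == "nat" && /^-A POSTROUTING / && / -j MASQUERADE/ &&
            index($0, " -o " outside " ") { masq = 1 }
        # ACCEPT rules for traffic arriving on the outside interface
        table == "filter" && /^-A FORWARD / && / -j ACCEPT/ &&
            index($0, " -i " outside " ") && index($0, " -o " inside " ") {
            if ($0 ~ /ESTABLISHED/) replies = 1; else unfiltered = 1
        }
        END {
            if (!masq)
                finding("NO_MASQUERADE: nothing masquerades out of " outside)
            if (policy != "DROP")
                finding("FORWARD_POLICY_NOT_DROP: ACCEPT rules restrict nothing")
            if (unfiltered)
                finding("OPEN_INBOUND: new connections " outside " to " inside " accepted")
            if (policy == "DROP" && !replies)
                finding("NO_REPLY_RULE: return traffic would be dropped")
            exit bad + 0
        }'
}

# Stand-alone run against the constructed sample.
printf '%s\n' "$SAMPLE_RULES" | audit_nat_rules eth0 eth1 ||
    echo "audit: findings reported"
```

On the router itself, pipe the live ruleset in with `iptables-save | audit_nat_rules eth0 eth1`. Running `iptables -P FORWARD DROP` before saving the rules clears the policy finding.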
